Bug 1118169 (CVE-2014-2970)

Summary: CVE-2014-2970 openssl: client-crash when parsing SRP parameters (VU#904060)
Product: [Other] Security Response
Reporter: Huzaifa S. Sidhpurwala <huzaifas>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED DUPLICATE
Severity: medium
Priority: medium
Version: unspecified
CC: jrusnack, security-response-team, tmraz
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2014-07-10 08:36:06 UTC
Bug Blocks: 1118171, 1127468

Description Huzaifa S. Sidhpurwala 2014-07-10 06:36:46 UTC
A flaw was found in the way OpenSSL (client side code) parsed TLS SRP extension packets. The ServerHello indicated that it intended to use an SRP ciphersuite, but SRP parameters were omitted. When a client connected to such a server, which offered SRP ciphersuites, this could cause the client to crash.


Acknowledgements:

Red Hat would like to thank the CERT Coordination Center (CERT/CC) for reporting this issue.
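
Added example, not part of the bug report and not OpenSSL's code or the upstream fix: a client-side guard for the condition in the description, where an SRP ciphersuite is selected but the SRP parameters are missing. The N, g, s, B field layout follows RFC 5054; the type and function names and the sample bytes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical client-side model for illustration; not OpenSSL's structures. */
typedef struct { const uint8_t *p; size_t len; } field_t;
typedef struct { field_t N, g, s, B; int present; } srp_params_t;

/* Read one non-empty field with a 1- or 2-byte big-endian length prefix. */
static int read_field(const uint8_t **cur, size_t *left, size_t prefix, field_t *out)
{
    size_t n;
    if (*left < prefix) return 0;                 /* no room for the prefix */
    n = (prefix == 2) ? (((size_t)(*cur)[0] << 8) | (*cur)[1]) : (*cur)[0];
    if (n == 0 || n > *left - prefix) return 0;   /* empty or truncated field */
    out->p = *cur + prefix;
    out->len = n;
    *cur += prefix + n;
    *left -= prefix + n;
    return 1;
}

/* Parse N, g, s, B (RFC 5054 layout); returns 1 only if all four are present. */
int parse_srp_params(const uint8_t *buf, size_t len, srp_params_t *out)
{
    *out = (srp_params_t){0};                     /* nothing is trusted until parsed */
    if (buf == NULL) return 0;
    if (!read_field(&buf, &len, 2, &out->N) || !read_field(&buf, &len, 2, &out->g) ||
        !read_field(&buf, &len, 1, &out->s) || !read_field(&buf, &len, 2, &out->B))
        return 0;
    out->present = 1;
    return 1;
}

/* Gate before key exchange: an SRP suite without parameters must abort the handshake. */
int client_may_continue(int suite_is_srp, const srp_params_t *params)
{
    return !suite_is_srp || (params != NULL && params->present);
}

/* Constructed sample: N=AA BB, g=02, s=55, B=09 (toy values, not a real SRP group). */
static const uint8_t SAMPLE_SKE[] = {0,2,0xAA,0xBB, 0,1,0x02, 1,0x55, 0,1,0x09};
int main(void)
{
    srp_params_t ok, missing;
    parse_srp_params(SAMPLE_SKE, sizeof(SAMPLE_SKE), &ok);
    parse_srp_params(NULL, 0, &missing);          /* server omitted the parameters */
    printf("complete: %d, omitted: %d\n", client_may_continue(1, &ok), client_may_continue(1, &missing));
    return 0;
}
```

When the gate returns 0, a client should fail the handshake with a fatal alert instead of dereferencing the missing values.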

Comment 4 Huzaifa S. Sidhpurwala 2014-07-10 08:30:21 UTC
The version of openssl as shipped with Red Hat Enterprise Linux 5, 6, and 7 does not support the Secure Remote Password (SRP) protocol as an authentication method for the Transport Layer Security protocol and therefore is not affected.

Comment 5 Huzaifa S. Sidhpurwala 2014-07-10 08:31:01 UTC
This issue does not affect the version of openssl as shipped with Fedora 19 and Fedora 20.

Comment 6 Tomas Hoger 2014-08-07 06:10:03 UTC
Public now via upstream commit:

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=80bd7b41b30af6ee96f519e629463583318de3b0

It seems this issue got another duplicate CVE id CVE-2014-5139 (bug 1127491) assigned to this issue by OpenSSL upstream.

Comment 7 Tomas Hoger 2014-08-07 06:31:20 UTC
Note that SRP support was introduced upstream in version 1.0.1.

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=edc032b
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0deea0e

Comment 8 Tomas Hoger 2014-08-07 07:42:14 UTC
CVE-2014-2970 was also incorrectly used to refer to the LibreSSL PRNG re-seeding issue described in:

https://www.agwa.name/blog/post/libressls_prng_is_unsafe_on_linux
http://arstechnica.com/security/2014/07/only-a-few-days-old-openssl-fork-libressl-is-declared-unsafe-for-linux/

Because of the incorrect use, the id has already been rejected as duplicate:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2970

  ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5139.
  Reason: This candidate is a duplicate of CVE-2014-5139, and has also been
  used to refer to an unrelated topic that is currently outside the scope of
  CVE. This unrelated topic is a LibreSSL code change adding functionality
  for certain process-bifurcation use cases that might arise in future
  LibreSSL-based applications. There is no CVE ID associated with this
  LibreSSL code change. As of 20140730, CVE-2014-5139 is an undisclosed
  vulnerability in a different product, with ongoing vulnerability
  coordination that had previously used the CVE-2014-2970 ID.

Comment 9 Tomas Hoger 2014-08-07 07:43:43 UTC

*** This bug has been marked as a duplicate of bug 1127491 ***